IASAP: An Organization for Security Awareness and InfoSec Professionals

Do you sometimes feel like you’re the only person at your organization who believes in the importance of security awareness? Or does your management believe in security awareness, but your program hasn’t caught up yet? If so, then it’s time to re-energize yourself and your awareness program with membership in the IASAP.

The International Association of Security Awareness Professionals (IASAP) is a 501(c)6 non-profit, corporate membership association dedicated to the private exchange of best practices for elevating employee awareness of good security behaviors at all levels within their member organizations. Members feel at ease sharing their experiences and strategies since all of the organizations activities are protected under Non-Disclosure Agreement (NDA). Membership is restricted to individuals actively working on awareness programs for their companies. No vendors are allowed which helps create a non-biased exchange of ideas.

IASAP got its start in 2012 when individuals from CSI Security Awareness Peer Group were determined to continue the valuable sharing of security awareness best practices following its discontinuation in 2011. As a result, the members formed the IASAP. “I like to consider IASAP members as an extension of my security awareness team,” said Linda Williamson of Michelin, North America. “The greatest benefit to me is the sharing of ideas, best practices, and experiences so we do not always have to ‘reinvent the wheel’ for our own programs.”

A membership with IASAP is a practical way to leverage the security awareness, training and educational programs of dozens of other like-minded companies for appropriate mutual benefit. In addition to this, member benefits include:

Frequent webinars featuring invited speakers from a variety of disciplines

Scheduled conference calls to focus on industry-specific topics

Team participation – involve your awareness team in IASAP activities

Collegial assistance from fellow members – security awareness professionals from an array of corporate types and cultures

Commercial-free content – attendance is restricted to employees working on their own internal corporate awareness programs. IASAP’s primary revenue is derived from member fees, not vendor sponsorships

IASAP holds three in-person meetings per year – two-day, facilitated conferences hosted by member companies in the U.S. and Canada. All attendees sign non-disclosure agreements and discussions are informal and academic. Each company is assigned a brief segment of the meeting to present on their own awareness initiatives, showing samples of their program materials and resources.

Members also have access to a members-only sharing platform where security awareness professionals engage in a lively, year-round exchange including a Q&A with immediate feedback, member polls, guest speaker webinars, and members-only conference calls. Because only current members who have signed an NDA may access the site, members feel comfortable posting program resources. These resources are often available to other members for re-branding.

Currently, IASAP is comprised of 46+ member companies, of which 71% are Fortune 500 members from 34 different industries. In order to ensure the legitimacy of potential members, the organization pre-screens each application before accepting a member. Because the organization is a non-profit, its primary revenue is derived from member fees. A one-year membership to IASAP is $2,500, two-year memberships are $4,750, and three-year memberships are $6,750.

“This organization is hands-down the best value for the money,” said Krina Snider, Security Awareness manager at Sprint. “IASAP provides creative security awareness ideas and proven practices to reduce risks across all industries against ongoing threat trends.”

In an industry where you’re constantly battling ever evolving security awareness challenges, it’s important that you surround yourself with other industry experts that take security awareness and information security as serious as you do. Join IASAP and help build a community that aims to bring awareness to reducing risk and security awareness best practices.

To learn more about the IASAP and inquire about a membership, visit iasapgroup.org.